<?php

	class source
	{

		var $fw			= null;
		var $sec		= null;
		var $member_id	= null;
		var $member		= false;

		function source(&$framework, &$security)
		{

			$this->fw	= &$framework;
			$this->sec	= &$security;

			// try to get the member id we are trying to retrieve. if it fails it breaks out of this script
			$this->_get_member_id();

			// verify that the person viewing this page can view the selected persons collection/wishlist
			$this->_verify_visitor();

			// add our members details to smarty
			$this->fw->content['member'] = $this->member;

			// if we get here we can asume this person has access to do so, the previous 2 functions should take care of anyone url hacking

			switch($this->fw->do)
			{

				case 'collection':
					$this->process_collection();
					break;

				case 'wishlist':
					$this->show_wishlist();
					break;

				default:
					$this->show_landing();
					break;

			}

		}

		function show_landing()
		{
			$this->fw->template = 'export.landing.tpl';
		}

		function process_collection()
		{

			$format = $_GET['format'];
			$movies	= $this->fw->get_member_movies($this->member_id);

			switch($format) {
				case 'xml':
					header('content-type: application/xml');
					$this->fw->main_template = 'export.collection_xml.tpl';
					break;

				case 'rss':
					header('content-type: application/xml');
					$this->fw->main_template = 'export.collection_rss.tpl';
					break;

				case 'csv':
					header('content-type: application/csv');
					header('content-disposition: attachment; filename="collection.csv"');
					$this->fw->main_template = 'export.collection_csv.tpl';
					break;

				case 'html':
				default:
					$this->fw->main_template = 'export.collection_html.tpl';
					break;
			}

			$this->fw->content['member']	= $this->member;
			$this->fw->content['movies']	= $movies;

		}

		// Public wishlist for the selected member
		function show_wishlist()
		{

			$format	= $_GET['format'];
			$movies = $this->fw->get_member_wishlist($this->member_id);

			switch($format) {
				case 'xml':
					// this is in xml!
					header('content-type: application/xml');
					$this->fw->main_template = 'export.wishlist_xml.tpl';
					break;
				case 'rss':
				case 'csv':
				case 'html':
				default:
					break;
			}



			$this->fw->content['member']	= $this->member;
			$this->fw->content['movies']	= $movies;

		}

		// obtains the member id based on a couple of things
		function _get_member_id()
		{
			if(isset($_REQUEST['id'])) {
				$this->member_id = (int)$_REQUEST['id'];
			} elseif(isset($_REQUEST['member_id'])) {
				$this->member_id = (int)$_REQUEST['member_id'];
			} elseif($this->sec->auth) {
				// no member id provided. If this is a authenticated member, use their id
				$this->member_id = (int)$this->sec->dtls['id'];
			} else {
				// no member id is obtainable! this person shouldn't be here
				$_SESSION['msg'] = 'Could not verify your details';
				header('location: index.php');
				exit;
			}
		}

		function _verify_visitor()
		{
			// get the members details, and store them
			$this->member = $this->fw->get_member_details($this->member_id);

			if($this->sec->auth && $this->sec->dtls['id'] != $this->member_id && $this->member['preference']['public_collection'] == '0') {
				// this member has a private collection/wishlist
				$_SESSION['msg'] = $this->member['username'] .' has a private collection & wishlist';
				header('location: index.php?what=mymovies');
				exit;
			} elseif($this->member['preference']['public_collection'] <= 1 && !$this->sec->auth) {
				// this person is a public visitor
				$_SESSION['msg'] = 'This members collection & wishlist are restricted';
				header('location: index.php');
				exit;
			}
		}

	}

?>